The recent spate of cyberattacks against Australian organisations has caused many to reconsider their cybersecurity strategies and enhance their Zero Trust models. Amritha Saravanan, IT Security Evangelist, ManageEngine, discusses the importance of Zero Trust and how it aligns with the Australian Cyber Security Centre (ACSC)’s Essential Eight Maturity Model.
The COVID-19 pandemic has stimulated a major Digital Transformation, but security is yet to catch up. Hybrid work has become the norm and multi-cloud footprints have rapidly expanded.
Not only are people working from wherever they choose, but organisations are also accessing more of their data from the cloud. This environment makes it critical for organisations to adopt Zero Trust for cybersecurity.
What is Zero Trust?
Zero Trust is a philosophy, not a product or technology. The core principle of Zero Trust is ‘never trust, always verify’.
No matter the device, user, network, or location (whether inside or outside the walls of an organisation), trust should not be explicitly given to any identity.
Principles like least privilege access, micro segmentation of networks with different credentials, data usage control and continuous validation in real time can help organisations mitigate inevitable intrusions into networks.
Zero Trust has emerged as the answer to contemporary security challenges posed by the widespread uptake of mobile and cloud technologies.
According to TeleGeography’s WAN Managers Survey, 35% of WAN managers implemented practices of Zero Trust security in 2021, showing an increase of 8% from 2019. While it seems there has been an uptake, more widespread adoption is necessary as the threats increase in volume and complexity.
Implementing Zero Trust into a cybersecurity strategy will make it much harder for adversaries to compromise systems. However, there’s more that can be done.
What are the Essential Eight?
Due to the growing number of cyberattacks and the increasing threat to cybersecurity, the Australian Cyber Security Centre (ACSC) developed the Essential Eight Maturity Model.
It’s a set of eight mitigation strategies from the ACSC’s Strategies to Mitigate Cyber Security Incidents, first published in 2010 and updated regularly: application control, patch applications, configure Microsoft Office macro settings, user application hardening, restrict administrative privileges, patch operating systems, multi-factor authentication, and regular backups.
Organisations are recommended to implement these eight essential mitigation strategies as a baseline.
Why is aligning Zero Trust with the Essential Eight ideal?
Zero Trust is important because it is an effective way to reduce data loss and prevent data breaches, which have an average cost of US$4.35 million globally, according to a study conducted by Ponemon Institute and IBM. Organisations that have already adopted the Zero Trust model will find it easier to comply with the Essential Eight because Zero Trust exceeds those requirements and helps organisations elevate their maturity level.
For example:
- Privileged access management: This is a fundamental part of enabling Zero Trust architecture and meeting the Essential Eight. Implementing privileged access management minimises the potential for a security breach. It also keeps the damage minimal should a breach occur.
- Multi-Factor Authentication (MFA): MFA is the core of the Zero Trust model and is also one of the Essential Eight strategies. It involves a series of requirements that make it significantly more difficult for an adversary to perform malicious activities on a network, thus drastically reducing the chance of them breaching it.
- SIEM: The Zero Trust model improves monitoring and alerting when deployed with a proper SIEM tool. This in turn helps security administrators rapidly detect and respond to time-sensitive security events like patching applications, which is an Essential Eight strategy. Zero Trust also involves measures to alert users, indicate a breach and specify proper incident response actions, which are all facilitated by coordination with a SIEM solution.
- Data backups: Regularly making offline and online backups is one of the strategies of the Essential Eight. Having a Zero Trust model helps in this regard by automating backups and ensuring compliance with backup policies. App and data security policies can be centrally managed and automation tools can be used to migrate these policies to where they are required.
The Essential Eight are designed to help build a strong cybersecurity environment. They are cybersecurity best practices that cover preventing malware delivery and execution, limiting the extent of cybersecurity incidents, recovering data and improving system availability.
These are vital considerations against the backdrop of a rapidly escalating threat offensive. It’s important to recognise that they address some, not all, elements of a Zero Trust framework.
Building greater trust in our cyber systems and overall security posture means combining Essential Eight with a Zero Trust framework.
Click below to share this article